INSANEMODE/OpenAssetTools
1
0
Fork 0
mirror of https://github.com/Laupetin/OpenAssetTools.git synced 2025-06-10 14:58:10 -05:00
Code Issues Packages Projects Releases Wiki Activity

Import code from previous AssetBuilder version

Browse Source
This commit is contained in:
Jan
2019-09-24 10:45:09 +02:00
parent 5609557516
commit 0d8432d4f7
919 changed files with 154412 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

103
thirdparty/libtomcrypt/pk/rsa/rsa_decrypt_key.c vendored Normal file
View File

@ -0,0 +1,103 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_decrypt_key.c
RSA PKCS #1 Decryption, Tom St Denis and Andreas Lange
*/
#ifdef LTC_MRSA
/**
PKCS #1 decrypt then v1.5 or OAEP depad
@param in The ciphertext
@param inlen The length of the ciphertext (octets)
@param out [out] The plaintext
@param outlen [in/out] The max size and resulting size of the plaintext (octets)
@param lparam The system "lparam" value
@param lparamlen The length of the lparam value (octets)
@param hash_idx The index of the hash desired
@param padding Type of padding (LTC_PKCS_1_OAEP or LTC_PKCS_1_V1_5)
@param stat [out] Result of the decryption, 1==valid, 0==invalid
@param key The corresponding private RSA key
@return CRYPT_OK if succcessul (even if invalid)
*/
int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
const unsigned char *lparam, unsigned long lparamlen,
int hash_idx, int padding,
int *stat, rsa_key *key)
{
unsigned long modulus_bitlen, modulus_bytelen, x;
int err;
unsigned char *tmp;
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL);
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(stat != NULL);
/* default to invalid */
*stat = 0;
/* valid padding? */
if ((padding != LTC_PKCS_1_V1_5) &&
(padding != LTC_PKCS_1_OAEP)) {
return CRYPT_PK_INVALID_PADDING;
}
if (padding == LTC_PKCS_1_OAEP) {
/* valid hash ? */
if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
return err;
}
}
/* get modulus len in bits */
modulus_bitlen = mp_count_bits( (key->N));
/* outlen must be at least the size of the modulus */
modulus_bytelen = mp_unsigned_bin_size( (key->N));
if (modulus_bytelen != inlen) {
return CRYPT_INVALID_PACKET;
}
/* allocate ram */
tmp = XMALLOC(inlen);
if (tmp == NULL) {
return CRYPT_MEM;
}
/* rsa decode the packet */
x = inlen;
if ((err = ltc_mp.rsa_me(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) {
XFREE(tmp);
return err;
}
if (padding == LTC_PKCS_1_OAEP) {
/* now OAEP decode the packet */
err = pkcs_1_oaep_decode(tmp, x, lparam, lparamlen, modulus_bitlen, hash_idx,
out, outlen, stat);
} else {
/* now PKCS #1 v1.5 depad the packet */
err = pkcs_1_v1_5_decode(tmp, x, LTC_PKCS_1_EME, modulus_bitlen, out, outlen, stat);
}
XFREE(tmp);
return err;
}
#endif /* LTC_MRSA */
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

100
thirdparty/libtomcrypt/pk/rsa/rsa_encrypt_key.c vendored Normal file
View File

@ -0,0 +1,100 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_encrypt_key.c
RSA PKCS #1 encryption, Tom St Denis and Andreas Lange
*/
#ifdef LTC_MRSA
/**
(PKCS #1 v2.0) OAEP pad then encrypt
@param in The plaintext
@param inlen The length of the plaintext (octets)
@param out [out] The ciphertext
@param outlen [in/out] The max size and resulting size of the ciphertext
@param lparam The system "lparam" for the encryption
@param lparamlen The length of lparam (octets)
@param prng An active PRNG
@param prng_idx The index of the desired prng
@param hash_idx The index of the desired hash
@param padding Type of padding (LTC_PKCS_1_OAEP or LTC_PKCS_1_V1_5)
@param key The RSA key to encrypt to
@return CRYPT_OK if successful
*/
int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
const unsigned char *lparam, unsigned long lparamlen,
prng_state *prng, int prng_idx, int hash_idx, int padding, rsa_key *key)
{
unsigned long modulus_bitlen, modulus_bytelen, x;
int err;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL);
LTC_ARGCHK(key != NULL);
/* valid padding? */
if ((padding != LTC_PKCS_1_V1_5) &&
(padding != LTC_PKCS_1_OAEP)) {
return CRYPT_PK_INVALID_PADDING;
}
/* valid prng? */
if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
return err;
}
if (padding == LTC_PKCS_1_OAEP) {
/* valid hash? */
if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
return err;
}
}
/* get modulus len in bits */
modulus_bitlen = mp_count_bits( (key->N));
/* outlen must be at least the size of the modulus */
modulus_bytelen = mp_unsigned_bin_size( (key->N));
if (modulus_bytelen > *outlen) {
*outlen = modulus_bytelen;
return CRYPT_BUFFER_OVERFLOW;
}
if (padding == LTC_PKCS_1_OAEP) {
/* OAEP pad the key */
x = *outlen;
if ((err = pkcs_1_oaep_encode(in, inlen, lparam,
lparamlen, modulus_bitlen, prng, prng_idx, hash_idx,
out, &x)) != CRYPT_OK) {
return err;
}
} else {
/* PKCS #1 v1.5 pad the key */
x = *outlen;
if ((err = pkcs_1_v1_5_encode(in, inlen, LTC_PKCS_1_EME,
modulus_bitlen, prng, prng_idx,
out, &x)) != CRYPT_OK) {
return err;
}
}
/* rsa exptmod the OAEP or PKCS #1 v1.5 pad */
return ltc_mp.rsa_me(out, x, out, outlen, PK_PUBLIC, key);
}
#endif /* LTC_MRSA */
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

97
thirdparty/libtomcrypt/pk/rsa/rsa_export.c vendored Normal file
View File

@ -0,0 +1,97 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_export.c
Export RSA PKCS keys, Tom St Denis
*/
#ifdef LTC_MRSA
/**
This will export either an RSAPublicKey or RSAPrivateKey [defined in PKCS #1 v2.1]
@param out [out] Destination of the packet
@param outlen [in/out] The max size and resulting size of the packet
@param type The type of exported key (PK_PRIVATE or PK_PUBLIC)
@param key The RSA key to export
@return CRYPT_OK if successful
*/
int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key)
{
unsigned long zero=0;
int err;
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL);
LTC_ARGCHK(key != NULL);
/* type valid? */
if (!(key->type == PK_PRIVATE) && (type == PK_PRIVATE)) {
return CRYPT_PK_INVALID_TYPE;
}
if (type == PK_PRIVATE) {
/* private key */
/* output is
Version, n, e, d, p, q, d mod (p-1), d mod (q - 1), 1/q mod p
*/
return der_encode_sequence_multi(out, outlen,
LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
LTC_ASN1_INTEGER, 1UL, key->N,
LTC_ASN1_INTEGER, 1UL, key->e,
LTC_ASN1_INTEGER, 1UL, key->d,
LTC_ASN1_INTEGER, 1UL, key->p,
LTC_ASN1_INTEGER, 1UL, key->q,
LTC_ASN1_INTEGER, 1UL, key->dP,
LTC_ASN1_INTEGER, 1UL, key->dQ,
LTC_ASN1_INTEGER, 1UL, key->qP,
LTC_ASN1_EOL, 0UL, NULL);
} else {
/* public key */
unsigned long tmplen, *ptmplen;
unsigned char* tmp = NULL;
if (type & PK_STD) {
tmplen = (unsigned long)(mp_count_bits(key->N) / 8) * 2 + 8;
tmp = XMALLOC(tmplen);
ptmplen = &tmplen;
if (tmp == NULL) {
return CRYPT_MEM;
}
}
else {
tmp = out;
ptmplen = outlen;
}
err = der_encode_sequence_multi(tmp, ptmplen,
LTC_ASN1_INTEGER, 1UL, key->N,
LTC_ASN1_INTEGER, 1UL, key->e,
LTC_ASN1_EOL, 0UL, NULL);
if ((err != CRYPT_OK) || !(type & PK_STD)) {
goto finish;
}
err = der_encode_subject_public_key_info(out, outlen,
PKA_RSA, tmp, tmplen, LTC_ASN1_NULL, NULL, 0);
finish:
if (tmp != out)
XFREE(tmp);
return err;
}
}
#endif /* LTC_MRSA */
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

182
thirdparty/libtomcrypt/pk/rsa/rsa_exptmod.c vendored Normal file
View File

@ -0,0 +1,182 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_exptmod.c
RSA PKCS exptmod, Tom St Denis
Added RSA blinding --nmav
*/
#ifdef LTC_MRSA
/**
Compute an RSA modular exponentiation
@param in The input data to send into RSA
@param inlen The length of the input (octets)
@param out [out] The destination
@param outlen [in/out] The max size and resulting size of the output
@param which Which exponent to use, e.g. PK_PRIVATE or PK_PUBLIC
@param key The RSA key to use
@return CRYPT_OK if successful
*/
int rsa_exptmod(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen, int which,
rsa_key *key)
{
void *tmp, *tmpa, *tmpb;
#ifdef LTC_RSA_BLINDING
void *rnd, *rndi /* inverse of rnd */;
#endif
unsigned long x;
int err, has_crt_parameters;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL);
LTC_ARGCHK(key != NULL);
/* is the key of the right type for the operation? */
if (which == PK_PRIVATE && (key->type != PK_PRIVATE)) {
return CRYPT_PK_NOT_PRIVATE;
}
/* must be a private or public operation */
if (which != PK_PRIVATE && which != PK_PUBLIC) {
return CRYPT_PK_INVALID_TYPE;
}
/* init and copy into tmp */
if ((err = mp_init_multi(&tmp, &tmpa, &tmpb,
#ifdef LTC_RSA_BLINDING
&rnd, &rndi,
#endif /* LTC_RSA_BLINDING */
NULL)) != CRYPT_OK)
{ return err; }
if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, (int)inlen)) != CRYPT_OK)
{ goto error; }
/* sanity check on the input */
if (mp_cmp(key->N, tmp) == LTC_MP_LT) {
err = CRYPT_PK_INVALID_SIZE;
goto error;
}
/* are we using the private exponent and is the key optimized? */
if (which == PK_PRIVATE) {
#ifdef LTC_RSA_BLINDING
/* do blinding */
err = mp_rand(rnd, mp_get_digit_count(key->N));
if (err != CRYPT_OK) {
goto error;
}
/* rndi = 1/rnd mod N */
err = mp_invmod(rnd, key->N, rndi);
if (err != CRYPT_OK) {
goto error;
}
/* rnd = rnd^e */
err = mp_exptmod( rnd, key->e, key->N, rnd);
if (err != CRYPT_OK) {
goto error;
}
/* tmp = tmp*rnd mod N */
err = mp_mulmod( tmp, rnd, key->N, tmp);
if (err != CRYPT_OK) {
goto error;
}
#endif /* LTC_RSA_BLINDING */
has_crt_parameters = (key->p != NULL) && (mp_get_digit_count(key->p) != 0) &&
(key->q != NULL) && (mp_get_digit_count(key->q) != 0) &&
(key->dP != NULL) && (mp_get_digit_count(key->dP) != 0) &&
(key->dQ != NULL) && (mp_get_digit_count(key->dQ) != 0) &&
(key->qP != NULL) && (mp_get_digit_count(key->qP) != 0);
if (!has_crt_parameters) {
/*
* In case CRT optimization parameters are not provided,
* the private key is directly used to exptmod it
*/
if ((err = mp_exptmod(tmp, key->d, key->N, tmp)) != CRYPT_OK) { goto error; }
} else {
/* tmpa = tmp^dP mod p */
if ((err = mp_exptmod(tmp, key->dP, key->p, tmpa)) != CRYPT_OK) { goto error; }
/* tmpb = tmp^dQ mod q */
if ((err = mp_exptmod(tmp, key->dQ, key->q, tmpb)) != CRYPT_OK) { goto error; }
/* tmp = (tmpa - tmpb) * qInv (mod p) */
if ((err = mp_sub(tmpa, tmpb, tmp)) != CRYPT_OK) { goto error; }
if ((err = mp_mulmod(tmp, key->qP, key->p, tmp)) != CRYPT_OK) { goto error; }
/* tmp = tmpb + q * tmp */
if ((err = mp_mul(tmp, key->q, tmp)) != CRYPT_OK) { goto error; }
if ((err = mp_add(tmp, tmpb, tmp)) != CRYPT_OK) { goto error; }
}
#ifdef LTC_RSA_BLINDING
/* unblind */
err = mp_mulmod( tmp, rndi, key->N, tmp);
if (err != CRYPT_OK) {
goto error;
}
#endif
#ifdef LTC_RSA_CRT_HARDENING
if (has_crt_parameters) {
if ((err = mp_exptmod(tmp, key->e, key->N, tmpa)) != CRYPT_OK) { goto error; }
if ((err = mp_read_unsigned_bin(tmpb, (unsigned char *)in, (int)inlen)) != CRYPT_OK) { goto error; }
if (mp_cmp(tmpa, tmpb) != LTC_MP_EQ) { err = CRYPT_ERROR; goto error; }
}
#endif
} else {
/* exptmod it */
if ((err = mp_exptmod(tmp, key->e, key->N, tmp)) != CRYPT_OK) { goto error; }
}
/* read it back */
x = (unsigned long)mp_unsigned_bin_size(key->N);
if (x > *outlen) {
*outlen = x;
err = CRYPT_BUFFER_OVERFLOW;
goto error;
}
/* this should never happen ... */
if (mp_unsigned_bin_size(tmp) > mp_unsigned_bin_size(key->N)) {
err = CRYPT_ERROR;
goto error;
}
*outlen = x;
/* convert it */
zeromem(out, x);
if ((err = mp_to_unsigned_bin(tmp, out+(x-mp_unsigned_bin_size(tmp)))) != CRYPT_OK) { goto error; }
/* clean up and return */
err = CRYPT_OK;
error:
mp_clear_multi(
#ifdef LTC_RSA_BLINDING
rndi, rnd,
#endif /* LTC_RSA_BLINDING */
tmpb, tmpa, tmp, NULL);
return err;
}
#endif
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

32
thirdparty/libtomcrypt/pk/rsa/rsa_free.c vendored Normal file
View File

@ -0,0 +1,32 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_free.c
Free an RSA key, Tom St Denis
*/
#ifdef LTC_MRSA
/**
Free an RSA key from memory
@param key The RSA key to free
*/
void rsa_free(rsa_key *key)
{
LTC_ARGCHKVD(key != NULL);
mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL);
}
#endif
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

40
thirdparty/libtomcrypt/pk/rsa/rsa_get_size.c vendored Normal file
View File

@ -0,0 +1,40 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_get_size.c
Retrieve the size of an RSA key, Steffen Jaeckel.
*/
#ifdef LTC_MRSA
/**
Retrieve the size in bytes of an RSA key.
@param key The RSA key
@return The size in bytes of the RSA key or INT_MAX on error.
*/
int rsa_get_size(rsa_key *key)
{
int ret = INT_MAX;
LTC_ARGCHK(key != NULL);
if (key)
{
ret = mp_unsigned_bin_size(key->N);
} /* if */
return ret;
}
#endif
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

129
thirdparty/libtomcrypt/pk/rsa/rsa_import.c vendored Normal file
View File

@ -0,0 +1,129 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_import.c
Import a PKCS RSA key, Tom St Denis
*/
#ifdef LTC_MRSA
/**
Import an RSAPublicKey or RSAPrivateKey [two-prime only, only support >= 1024-bit keys, defined in PKCS #1 v2.1]
@param in The packet to import from
@param inlen It's length (octets)
@param key [out] Destination for newly imported key
@return CRYPT_OK if successful, upon error allocated memory is freed
*/
int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
{
int err;
void *zero;
unsigned char *tmpbuf=NULL;
unsigned long tmpbuf_len;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(ltc_mp.name != NULL);
/* init key */
if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ,
&key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
return err;
}
/* see if the OpenSSL DER format RSA public key will work */
tmpbuf_len = inlen;
tmpbuf = XCALLOC(1, tmpbuf_len);
if (tmpbuf == NULL) {
err = CRYPT_MEM;
goto LBL_ERR;
}
err = der_decode_subject_public_key_info(in, inlen,
PKA_RSA, tmpbuf, &tmpbuf_len,
LTC_ASN1_NULL, NULL, 0);
if (err == CRYPT_OK) { /* SubjectPublicKeyInfo format */
/* now it should be SEQUENCE { INTEGER, INTEGER } */
if ((err = der_decode_sequence_multi(tmpbuf, tmpbuf_len,
LTC_ASN1_INTEGER, 1UL, key->N,
LTC_ASN1_INTEGER, 1UL, key->e,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto LBL_ERR;
}
key->type = PK_PUBLIC;
err = CRYPT_OK;
goto LBL_FREE;
}
/* not SSL public key, try to match against PKCS #1 standards */
err = der_decode_sequence_multi(in, inlen, LTC_ASN1_INTEGER, 1UL, key->N,
LTC_ASN1_EOL, 0UL, NULL);
if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) {
goto LBL_ERR;
}
if (mp_cmp_d(key->N, 0) == LTC_MP_EQ) {
if ((err = mp_init(&zero)) != CRYPT_OK) {
goto LBL_ERR;
}
/* it's a private key */
if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_INTEGER, 1UL, zero,
LTC_ASN1_INTEGER, 1UL, key->N,
LTC_ASN1_INTEGER, 1UL, key->e,
LTC_ASN1_INTEGER, 1UL, key->d,
LTC_ASN1_INTEGER, 1UL, key->p,
LTC_ASN1_INTEGER, 1UL, key->q,
LTC_ASN1_INTEGER, 1UL, key->dP,
LTC_ASN1_INTEGER, 1UL, key->dQ,
LTC_ASN1_INTEGER, 1UL, key->qP,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
mp_clear(zero);
goto LBL_ERR;
}
mp_clear(zero);
key->type = PK_PRIVATE;
} else if (mp_cmp_d(key->N, 1) == LTC_MP_EQ) {
/* we don't support multi-prime RSA */
err = CRYPT_PK_INVALID_TYPE;
goto LBL_ERR;
} else {
/* it's a public key and we lack e */
if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_INTEGER, 1UL, key->N,
LTC_ASN1_INTEGER, 1UL, key->e,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto LBL_ERR;
}
key->type = PK_PUBLIC;
}
err = CRYPT_OK;
goto LBL_FREE;
LBL_ERR:
mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
LBL_FREE:
if (tmpbuf != NULL)
XFREE(tmpbuf);
return err;
}
#endif /* LTC_MRSA */
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

153
thirdparty/libtomcrypt/pk/rsa/rsa_import_pkcs8.c vendored Normal file
View File

@ -0,0 +1,153 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_import_pkcs8.c
Import a PKCS RSA key
*/
#ifdef LTC_MRSA
/* Public-Key Cryptography Standards (PKCS) #8:
* Private-Key Information Syntax Specification Version 1.2
* https://tools.ietf.org/html/rfc5208
*
* PrivateKeyInfo ::= SEQUENCE {
* version Version,
* privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
* privateKey PrivateKey,
* attributes [0] IMPLICIT Attributes OPTIONAL }
* where:
* - Version ::= INTEGER
* - PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
* - PrivateKey ::= OCTET STRING
* - Attributes ::= SET OF Attribute
*
* EncryptedPrivateKeyInfo ::= SEQUENCE {
* encryptionAlgorithm EncryptionAlgorithmIdentifier,
* encryptedData EncryptedData }
* where:
* - EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
* - EncryptedData ::= OCTET STRING
*/
/**
Import an RSAPublicKey or RSAPrivateKey in PKCS#8 format
@param in The packet to import from
@param inlen It's length (octets)
@param passwd The password for decrypting privkey (NOT SUPPORTED YET)
@param passwdlen Password's length (octets)
@param key [out] Destination for newly imported key
@return CRYPT_OK if successful, upon error allocated memory is freed
*/
int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen,
const void *passwd, unsigned long passwdlen,
rsa_key *key)
{
int err;
void *zero, *iter;
unsigned char *buf1 = NULL, *buf2 = NULL;
unsigned long buf1len, buf2len;
unsigned long oid[16];
oid_st rsaoid;
ltc_asn1_list alg_seq[2], top_seq[3];
ltc_asn1_list alg_seq_e[2], key_seq_e[2], top_seq_e[2];
unsigned char *decrypted = NULL;
unsigned long decryptedlen;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(ltc_mp.name != NULL);
/* get RSA alg oid */
err = pk_get_oid(PKA_RSA, &rsaoid);
if (err != CRYPT_OK) { goto LBL_NOFREE; }
/* alloc buffers */
buf1len = inlen; /* approx. */
buf1 = XMALLOC(buf1len);
if (buf1 == NULL) { err = CRYPT_MEM; goto LBL_NOFREE; }
buf2len = inlen; /* approx. */
buf2 = XMALLOC(buf2len);
if (buf2 == NULL) { err = CRYPT_MEM; goto LBL_FREE1; }
/* init key */
err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, &zero, &iter, NULL);
if (err != CRYPT_OK) { goto LBL_FREE2; }
/* try to decode encrypted priv key */
LTC_SET_ASN1(key_seq_e, 0, LTC_ASN1_OCTET_STRING, buf1, buf1len);
LTC_SET_ASN1(key_seq_e, 1, LTC_ASN1_INTEGER, iter, 1UL);
LTC_SET_ASN1(alg_seq_e, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid, 16UL);
LTC_SET_ASN1(alg_seq_e, 1, LTC_ASN1_SEQUENCE, key_seq_e, 2UL);
LTC_SET_ASN1(top_seq_e, 0, LTC_ASN1_SEQUENCE, alg_seq_e, 2UL);
LTC_SET_ASN1(top_seq_e, 1, LTC_ASN1_OCTET_STRING, buf2, buf2len);
err=der_decode_sequence(in, inlen, top_seq_e, 2UL);
if (err == CRYPT_OK) {
LTC_UNUSED_PARAM(passwd);
LTC_UNUSED_PARAM(passwdlen);
/* XXX: TODO encrypted pkcs8 not implemented yet */
/* fprintf(stderr, "decrypt: iter=%ld salt.len=%ld encdata.len=%ld\n", mp_get_int(iter), key_seq_e[0].size, top_seq_e[1].size); */
err = CRYPT_PK_INVALID_TYPE;
goto LBL_ERR;
}
else {
decrypted = (unsigned char *)in;
decryptedlen = inlen;
}
/* try to decode unencrypted priv key */
LTC_SET_ASN1(alg_seq, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid, 16UL);
LTC_SET_ASN1(alg_seq, 1, LTC_ASN1_NULL, NULL, 0UL);
LTC_SET_ASN1(top_seq, 0, LTC_ASN1_INTEGER, zero, 1UL);
LTC_SET_ASN1(top_seq, 1, LTC_ASN1_SEQUENCE, alg_seq, 2UL);
LTC_SET_ASN1(top_seq, 2, LTC_ASN1_OCTET_STRING, buf1, buf1len);
err=der_decode_sequence(decrypted, decryptedlen, top_seq, 3UL);
if (err != CRYPT_OK) { goto LBL_ERR; }
/* check alg oid */
if ((alg_seq[0].size != rsaoid.OIDlen) ||
XMEMCMP(rsaoid.OID, alg_seq[0].data, rsaoid.OIDlen * sizeof(rsaoid.OID[0])) != 0) {
err = CRYPT_PK_INVALID_TYPE;
goto LBL_ERR;
}
err = der_decode_sequence_multi(buf1, top_seq[2].size,
LTC_ASN1_INTEGER, 1UL, zero,
LTC_ASN1_INTEGER, 1UL, key->N,
LTC_ASN1_INTEGER, 1UL, key->e,
LTC_ASN1_INTEGER, 1UL, key->d,
LTC_ASN1_INTEGER, 1UL, key->p,
LTC_ASN1_INTEGER, 1UL, key->q,
LTC_ASN1_INTEGER, 1UL, key->dP,
LTC_ASN1_INTEGER, 1UL, key->dQ,
LTC_ASN1_INTEGER, 1UL, key->qP,
LTC_ASN1_EOL, 0UL, NULL);
if (err != CRYPT_OK) { goto LBL_ERR; }
key->type = PK_PRIVATE;
err = CRYPT_OK;
goto LBL_FREE2;
LBL_ERR:
rsa_free(key);
LBL_FREE2:
mp_clear_multi(iter, zero, NULL);
XFREE(buf2);
LBL_FREE1:
XFREE(buf1);
LBL_NOFREE:
return err;
}
#endif /* LTC_MRSA */
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

118
thirdparty/libtomcrypt/pk/rsa/rsa_import_x509.c vendored Normal file
View File

@ -0,0 +1,118 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_import.c
Import an RSA key from a X.509 certificate, Steffen Jaeckel
*/
#ifdef LTC_MRSA
/**
Import an RSA key from a X.509 certificate
@param in The packet to import from
@param inlen It's length (octets)
@param key [out] Destination for newly imported key
@return CRYPT_OK if successful, upon error allocated memory is freed
*/
int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key)
{
int err;
unsigned char *tmpbuf;
unsigned long tmpbuf_len, tmp_inlen;
ltc_asn1_list *decoded_list = NULL, *l;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(ltc_mp.name != NULL);
/* init key */
if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ,
&key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
return err;
}
tmpbuf_len = inlen;
tmpbuf = XCALLOC(1, tmpbuf_len);
if (tmpbuf == NULL) {
err = CRYPT_MEM;
goto LBL_ERR;
}
tmp_inlen = inlen;
if ((err = der_decode_sequence_flexi(in, &tmp_inlen, &decoded_list)) == CRYPT_OK) {
l = decoded_list;
/* Move 2 levels up in the tree
SEQUENCE
SEQUENCE
...
*/
if (l->type == LTC_ASN1_SEQUENCE && l->child) {
l = l->child;
if (l->type == LTC_ASN1_SEQUENCE && l->child) {
l = l->child;
err = CRYPT_ERROR;
/* Move forward in the tree until we find this combination
...
SEQUENCE
SEQUENCE
OBJECT IDENTIFIER 1.2.840.113549.1.1.1
NULL
BIT STRING
*/
do {
/* The additional check for l->data is there to make sure
* we won't try to decode a list that has been 'shrunk'
*/
if (l->type == LTC_ASN1_SEQUENCE && l->data && l->child &&
l->child->type == LTC_ASN1_SEQUENCE && l->child->child &&
l->child->child->type == LTC_ASN1_OBJECT_IDENTIFIER && l->child->next &&
l->child->next->type == LTC_ASN1_BIT_STRING) {
err = der_decode_subject_public_key_info(l->data, l->size,
PKA_RSA, tmpbuf, &tmpbuf_len,
LTC_ASN1_NULL, NULL, 0);
if (err == CRYPT_OK) {
/* now it should be SEQUENCE { INTEGER, INTEGER } */
if ((err = der_decode_sequence_multi(tmpbuf, tmpbuf_len,
LTC_ASN1_INTEGER, 1UL, key->N,
LTC_ASN1_INTEGER, 1UL, key->e,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto LBL_ERR;
}
key->type = PK_PUBLIC;
err = CRYPT_OK;
goto LBL_FREE;
}
}
l = l->next;
} while(l);
}
}
}
LBL_ERR:
rsa_free(key);
LBL_FREE:
if (decoded_list) der_free_sequence_flexi(decoded_list);
if (tmpbuf != NULL) XFREE(tmpbuf);
return err;
}
#endif /* LTC_MRSA */
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

107
thirdparty/libtomcrypt/pk/rsa/rsa_make_key.c vendored Normal file
View File

@ -0,0 +1,107 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_make_key.c
RSA key generation, Tom St Denis
*/
#ifdef LTC_MRSA
/**
Create an RSA key
@param prng An active PRNG state
@param wprng The index of the PRNG desired
@param size The size of the modulus (key size) desired (octets)
@param e The "e" value (public key). e==65537 is a good choice
@param key [out] Destination of a newly created private key pair
@return CRYPT_OK if successful, upon error all allocated ram is freed
*/
int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key)
{
void *p, *q, *tmp1, *tmp2, *tmp3;
int err;
LTC_ARGCHK(ltc_mp.name != NULL);
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(size > 0);
if ((e < 3) || ((e & 1) == 0)) {
return CRYPT_INVALID_ARG;
}
if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
return err;
}
if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != CRYPT_OK) {
return err;
}
/* make primes p and q (optimization provided by Wayne Scott) */
if ((err = mp_set_int(tmp3, e)) != CRYPT_OK) { goto cleanup; } /* tmp3 = e */
/* make prime "p" */
do {
if ((err = rand_prime( p, size/2, prng, wprng)) != CRYPT_OK) { goto cleanup; }
if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = p-1 */
if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) { goto cleanup; } /* tmp2 = gcd(p-1, e) */
} while (mp_cmp_d( tmp2, 1) != 0); /* while e divides p-1 */
/* make prime "q" */
do {
if ((err = rand_prime( q, size/2, prng, wprng)) != CRYPT_OK) { goto cleanup; }
if ((err = mp_sub_d( q, 1, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = q-1 */
if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) { goto cleanup; } /* tmp2 = gcd(q-1, e) */
} while (mp_cmp_d( tmp2, 1) != 0); /* while e divides q-1 */
/* tmp1 = lcm(p-1, q-1) */
if ((err = mp_sub_d( p, 1, tmp2)) != CRYPT_OK) { goto cleanup; } /* tmp2 = p-1 */
/* tmp1 = q-1 (previous do/while loop) */
if ((err = mp_lcm( tmp1, tmp2, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = lcm(p-1, q-1) */
/* make key */
if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
goto errkey;
}
if ((err = mp_set_int( key->e, e)) != CRYPT_OK) { goto errkey; } /* key->e = e */
if ((err = mp_invmod( key->e, tmp1, key->d)) != CRYPT_OK) { goto errkey; } /* key->d = 1/e mod lcm(p-1,q-1) */
if ((err = mp_mul( p, q, key->N)) != CRYPT_OK) { goto errkey; } /* key->N = pq */
/* optimize for CRT now */
/* find d mod q-1 and d mod p-1 */
if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */
if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */
if ((err = mp_mod( key->d, tmp1, key->dP)) != CRYPT_OK) { goto errkey; } /* dP = d mod p-1 */
if ((err = mp_mod( key->d, tmp2, key->dQ)) != CRYPT_OK) { goto errkey; } /* dQ = d mod q-1 */
if ((err = mp_invmod( q, p, key->qP)) != CRYPT_OK) { goto errkey; } /* qP = 1/q mod p */
if ((err = mp_copy( p, key->p)) != CRYPT_OK) { goto errkey; }
if ((err = mp_copy( q, key->q)) != CRYPT_OK) { goto errkey; }
/* set key type (in this case it's CRT optimized) */
key->type = PK_PRIVATE;
/* return ok and free temps */
err = CRYPT_OK;
goto cleanup;
errkey:
rsa_free(key);
cleanup:
mp_clear_multi(tmp3, tmp2, tmp1, q, p, NULL);
return err;
}
#endif
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

134
thirdparty/libtomcrypt/pk/rsa/rsa_set.c vendored Normal file
View File

@ -0,0 +1,134 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
#ifdef LTC_MRSA
/**
Import RSA key from raw numbers
@param N RSA's N
@param Nlen RSA's N's length
@param e RSA's e
@param elen RSA's e's length
@param d RSA's d (only private key, NULL for public key)
@param dlen RSA's d's length
@param key [out] the destination for the imported key
@return CRYPT_OK if successful
*/
int rsa_set_key(const unsigned char *N, unsigned long Nlen,
const unsigned char *e, unsigned long elen,
const unsigned char *d, unsigned long dlen,
rsa_key *key)
{
int err;
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(N != NULL);
LTC_ARGCHK(e != NULL);
LTC_ARGCHK(ltc_mp.name != NULL);
err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
if (err != CRYPT_OK) return err;
if ((err = mp_read_unsigned_bin(key->N , (unsigned char *)N , Nlen)) != CRYPT_OK) { goto LBL_ERR; }
if ((err = mp_read_unsigned_bin(key->e , (unsigned char *)e , elen)) != CRYPT_OK) { goto LBL_ERR; }
if (d && dlen) {
if ((err = mp_read_unsigned_bin(key->d , (unsigned char *)d , dlen)) != CRYPT_OK) { goto LBL_ERR; }
key->type = PK_PRIVATE;
}
else {
key->type = PK_PUBLIC;
}
return CRYPT_OK;
LBL_ERR:
rsa_free(key);
return err;
}
/**
Import factors of an RSA key from raw numbers
Only for private keys.
@param p RSA's p
@param plen RSA's p's length
@param q RSA's q
@param qlen RSA's q's length
@param key [out] the destination for the imported key
@return CRYPT_OK if successful
*/
int rsa_set_factors(const unsigned char *p, unsigned long plen,
const unsigned char *q, unsigned long qlen,
rsa_key *key)
{
int err;
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(p != NULL);
LTC_ARGCHK(q != NULL);
LTC_ARGCHK(ltc_mp.name != NULL);
if (key->type != PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH;
if ((err = mp_read_unsigned_bin(key->p , (unsigned char *)p , plen)) != CRYPT_OK) { goto LBL_ERR; }
if ((err = mp_read_unsigned_bin(key->q , (unsigned char *)q , qlen)) != CRYPT_OK) { goto LBL_ERR; }
return CRYPT_OK;
LBL_ERR:
rsa_free(key);
return err;
}
/**
Import CRT parameters of an RSA key from raw numbers
Only for private keys.
@param dP RSA's dP
@param dPlen RSA's dP's length
@param dQ RSA's dQ
@param dQlen RSA's dQ's length
@param qP RSA's qP
@param qPlen RSA's qP's length
@param key [out] the destination for the imported key
@return CRYPT_OK if successful
*/
int rsa_set_crt_params(const unsigned char *dP, unsigned long dPlen,
const unsigned char *dQ, unsigned long dQlen,
const unsigned char *qP, unsigned long qPlen,
rsa_key *key)
{
int err;
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(dP != NULL);
LTC_ARGCHK(dQ != NULL);
LTC_ARGCHK(qP != NULL);
LTC_ARGCHK(ltc_mp.name != NULL);
if (key->type != PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH;
if ((err = mp_read_unsigned_bin(key->dP, (unsigned char *)dP, dPlen)) != CRYPT_OK) { goto LBL_ERR; }
if ((err = mp_read_unsigned_bin(key->dQ, (unsigned char *)dQ, dQlen)) != CRYPT_OK) { goto LBL_ERR; }
if ((err = mp_read_unsigned_bin(key->qP, (unsigned char *)qP, qPlen)) != CRYPT_OK) { goto LBL_ERR; }
return CRYPT_OK;
LBL_ERR:
rsa_free(key);
return err;
}
#endif /* LTC_MRSA */
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

146
thirdparty/libtomcrypt/pk/rsa/rsa_sign_hash.c vendored Normal file
View File

@ -0,0 +1,146 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_sign_hash.c
RSA PKCS #1 v1.5 and v2 PSS sign hash, Tom St Denis and Andreas Lange
*/
#ifdef LTC_MRSA
/**
PKCS #1 pad then sign
@param in The hash to sign
@param inlen The length of the hash to sign (octets)
@param out [out] The signature
@param outlen [in/out] The max size and resulting size of the signature
@param padding Type of padding (LTC_PKCS_1_PSS, LTC_PKCS_1_V1_5 or LTC_PKCS_1_V1_5_NA1)
@param prng An active PRNG state
@param prng_idx The index of the PRNG desired
@param hash_idx The index of the hash desired
@param saltlen The length of the salt desired (octets)
@param key The private RSA key to use
@return CRYPT_OK if successful
*/
int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
int padding,
prng_state *prng, int prng_idx,
int hash_idx, unsigned long saltlen,
rsa_key *key)
{
unsigned long modulus_bitlen, modulus_bytelen, x, y;
int err;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL);
LTC_ARGCHK(key != NULL);
/* valid padding? */
if ((padding != LTC_PKCS_1_V1_5) &&
(padding != LTC_PKCS_1_PSS) &&
(padding != LTC_PKCS_1_V1_5_NA1)) {
return CRYPT_PK_INVALID_PADDING;
}
if (padding == LTC_PKCS_1_PSS) {
/* valid prng ? */
if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
return err;
}
}
if (padding != LTC_PKCS_1_V1_5_NA1) {
/* valid hash ? */
if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
return err;
}
}
/* get modulus len in bits */
modulus_bitlen = mp_count_bits((key->N));
/* outlen must be at least the size of the modulus */
modulus_bytelen = mp_unsigned_bin_size((key->N));
if (modulus_bytelen > *outlen) {
*outlen = modulus_bytelen;
return CRYPT_BUFFER_OVERFLOW;
}
if (padding == LTC_PKCS_1_PSS) {
/* PSS pad the key */
x = *outlen;
if ((err = pkcs_1_pss_encode(in, inlen, saltlen, prng, prng_idx,
hash_idx, modulus_bitlen, out, &x)) != CRYPT_OK) {
return err;
}
} else {
/* PKCS #1 v1.5 pad the hash */
unsigned char *tmpin;
if (padding == LTC_PKCS_1_V1_5) {
ltc_asn1_list digestinfo[2], siginfo[2];
/* not all hashes have OIDs... so sad */
if (hash_descriptor[hash_idx].OIDlen == 0) {
return CRYPT_INVALID_ARG;
}
/* construct the SEQUENCE
SEQUENCE {
SEQUENCE {hashoid OID
blah NULL
}
hash OCTET STRING
}
*/
LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash_idx].OID, hash_descriptor[hash_idx].OIDlen);
LTC_SET_ASN1(digestinfo, 1, LTC_ASN1_NULL, NULL, 0);
LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 2);
LTC_SET_ASN1(siginfo, 1, LTC_ASN1_OCTET_STRING, in, inlen);
/* allocate memory for the encoding */
y = mp_unsigned_bin_size(key->N);
tmpin = XMALLOC(y);
if (tmpin == NULL) {
return CRYPT_MEM;
}
if ((err = der_encode_sequence(siginfo, 2, tmpin, &y)) != CRYPT_OK) {
XFREE(tmpin);
return err;
}
} else {
/* set the pointer and data-length to the input values */
tmpin = (unsigned char *)in;
y = inlen;
}
x = *outlen;
err = pkcs_1_v1_5_encode(tmpin, y, LTC_PKCS_1_EMSA, modulus_bitlen, NULL, 0, out, &x);
if (padding == LTC_PKCS_1_V1_5) {
XFREE(tmpin);
}
if (err != CRYPT_OK) {
return err;
}
}
/* RSA encode it */
return ltc_mp.rsa_me(out, x, out, outlen, PK_PRIVATE, key);
}
#endif /* LTC_MRSA */
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

47
thirdparty/libtomcrypt/pk/rsa/rsa_sign_saltlen_get.c vendored Normal file
View File

@ -0,0 +1,47 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_sign_saltlen_get.c
Retrieve the maximum size of the salt, Steffen Jaeckel.
*/
#ifdef LTC_MRSA
/**
Retrieve the maximum possible size of the salt when creating a PKCS#1 PSS signature.
@param padding Type of padding (LTC_PKCS_1_PSS only)
@param hash_idx The index of the desired hash
@param key The RSA key
@return The maximum salt length in bytes or INT_MAX on error.
*/
int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, rsa_key *key)
{
int ret = INT_MAX;
LTC_ARGCHK(key != NULL);
if ((hash_is_valid(hash_idx) == CRYPT_OK) &&
(padding == LTC_PKCS_1_PSS))
{
ret = rsa_get_size(key);
if (ret < INT_MAX)
{
ret -= (hash_descriptor[hash_idx].hashsize + 2);
} /* if */
} /* if */
return ret;
}
#endif
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */

193
thirdparty/libtomcrypt/pk/rsa/rsa_verify_hash.c vendored Normal file
View File

@ -0,0 +1,193 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
/**
@file rsa_verify_hash.c
RSA PKCS #1 v1.5 or v2 PSS signature verification, Tom St Denis and Andreas Lange
*/
#ifdef LTC_MRSA
/**
PKCS #1 de-sign then v1.5 or PSS depad
@param sig The signature data
@param siglen The length of the signature data (octets)
@param hash The hash of the message that was signed
@param hashlen The length of the hash of the message that was signed (octets)
@param padding Type of padding (LTC_PKCS_1_PSS, LTC_PKCS_1_V1_5 or LTC_PKCS_1_V1_5_NA1)
@param hash_idx The index of the desired hash
@param saltlen The length of the salt used during signature
@param stat [out] The result of the signature comparison, 1==valid, 0==invalid
@param key The public RSA key corresponding to the key that performed the signature
@return CRYPT_OK on success (even if the signature is invalid)
*/
int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
const unsigned char *hash, unsigned long hashlen,
int padding,
int hash_idx, unsigned long saltlen,
int *stat, rsa_key *key)
{
unsigned long modulus_bitlen, modulus_bytelen, x;
int err;
unsigned char *tmpbuf;
LTC_ARGCHK(hash != NULL);
LTC_ARGCHK(sig != NULL);
LTC_ARGCHK(stat != NULL);
LTC_ARGCHK(key != NULL);
/* default to invalid */
*stat = 0;
/* valid padding? */
if ((padding != LTC_PKCS_1_V1_5) &&
(padding != LTC_PKCS_1_PSS) &&
(padding != LTC_PKCS_1_V1_5_NA1)) {
return CRYPT_PK_INVALID_PADDING;
}
if (padding != LTC_PKCS_1_V1_5_NA1) {
/* valid hash ? */
if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
return err;
}
}
/* get modulus len in bits */
modulus_bitlen = mp_count_bits( (key->N));
/* outlen must be at least the size of the modulus */
modulus_bytelen = mp_unsigned_bin_size( (key->N));
if (modulus_bytelen != siglen) {
return CRYPT_INVALID_PACKET;
}
/* allocate temp buffer for decoded sig */
tmpbuf = XMALLOC(siglen);
if (tmpbuf == NULL) {
return CRYPT_MEM;
}
/* RSA decode it */
x = siglen;
if ((err = ltc_mp.rsa_me(sig, siglen, tmpbuf, &x, PK_PUBLIC, key)) != CRYPT_OK) {
XFREE(tmpbuf);
return err;
}
/* make sure the output is the right size */
if (x != siglen) {
XFREE(tmpbuf);
return CRYPT_INVALID_PACKET;
}
if (padding == LTC_PKCS_1_PSS) {
/* PSS decode and verify it */
if(modulus_bitlen%8 == 1){
err = pkcs_1_pss_decode(hash, hashlen, tmpbuf+1, x-1, saltlen, hash_idx, modulus_bitlen, stat);
}
else{
err = pkcs_1_pss_decode(hash, hashlen, tmpbuf, x, saltlen, hash_idx, modulus_bitlen, stat);
}
} else {
/* PKCS #1 v1.5 decode it */
unsigned char *out;
unsigned long outlen;
int decoded;
/* allocate temp buffer for decoded hash */
outlen = ((modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0)) - 3;
out = XMALLOC(outlen);
if (out == NULL) {
err = CRYPT_MEM;
goto bail_2;
}
if ((err = pkcs_1_v1_5_decode(tmpbuf, x, LTC_PKCS_1_EMSA, modulus_bitlen, out, &outlen, &decoded)) != CRYPT_OK) {
XFREE(out);
goto bail_2;
}
if (padding == LTC_PKCS_1_V1_5) {
unsigned long loid[16], reallen;
ltc_asn1_list digestinfo[2], siginfo[2];
/* not all hashes have OIDs... so sad */
if (hash_descriptor[hash_idx].OIDlen == 0) {
err = CRYPT_INVALID_ARG;
goto bail_2;
}
/* now we must decode out[0...outlen-1] using ASN.1, test the OID and then test the hash */
/* construct the SEQUENCE
SEQUENCE {
SEQUENCE {hashoid OID
blah NULL
}
hash OCTET STRING
}
*/
LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, loid, sizeof(loid)/sizeof(loid[0]));
LTC_SET_ASN1(digestinfo, 1, LTC_ASN1_NULL, NULL, 0);
LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 2);
LTC_SET_ASN1(siginfo, 1, LTC_ASN1_OCTET_STRING, tmpbuf, siglen);
if ((err = der_decode_sequence(out, outlen, siginfo, 2)) != CRYPT_OK) {
/* fallback to Legacy:missing NULL */
LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 1);
if ((err = der_decode_sequence(out, outlen, siginfo, 2)) != CRYPT_OK) {
XFREE(out);
goto bail_2;
}
}
if ((err = der_length_sequence(siginfo, 2, &reallen)) != CRYPT_OK) {
XFREE(out);
goto bail_2;
}
/* test OID */
if ((reallen == outlen) &&
(digestinfo[0].size == hash_descriptor[hash_idx].OIDlen) &&
(XMEMCMP(digestinfo[0].data, hash_descriptor[hash_idx].OID, sizeof(unsigned long) * hash_descriptor[hash_idx].OIDlen) == 0) &&
(siginfo[1].size == hashlen) &&
(XMEMCMP(siginfo[1].data, hash, hashlen) == 0)) {
*stat = 1;
}
} else {
/* only check if the hash is equal */
if ((hashlen == outlen) &&
(XMEMCMP(out, hash, hashlen) == 0)) {
*stat = 1;
}
}
#ifdef LTC_CLEAN_STACK
zeromem(out, outlen);
#endif
XFREE(out);
}
bail_2:
#ifdef LTC_CLEAN_STACK
zeromem(tmpbuf, siglen);
#endif
XFREE(tmpbuf);
return err;
}
#endif /* LTC_MRSA */
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */